Allow creating Scan to initiate an attack against the target application #45

Closed
8 tasks done
ostridm opened this issue Nov 14, 2022 · 0 comments
Labels
Type: enhancement New feature or request.

ostridm commented Nov 14, 2022

When considering scanning for the target application, we should provide a simple and useful API to prevent users from having to know how our services communicate with each other. Ideally, we should hide the inter-service communication inside by introducing the Scan class.

You should make sure that the user is able to create multiple concurrent scans to speed up the flow and limit the attack surface. To hide implementation details and reduce complexities while creating an instance of Scan, you should implement a factory that will be in charge of creating a scan with a particular configuration.

The ScanSettings interface should be generic and straightforward. For starters, it should include tests, a couple of parameters to optimize scanning, and info about the target application.

The crawler and other discovery methods can be easily used to set up a scan from scratch. However, in some cases, to improve the attack surface and define explicit boundaries, it is better to build a HAR before starting a new scan. To address the complexity while creating a HAR request, you can use the Builder or Factory pattern that helps you to hide details of how to deal with a particular kind of postData or cookies:

```csharp
using System.Collections.Generic;

public class Target : TargetOptions
{
  private Dictionary<string, string>? _headers;
  private Dictionary<string, string?> _headerValues = new Dictionary<string, string?>();
  private List<Header>? _headerParameters;

  public Dictionary<string, string> Headers {
    get {
      return _headers ?? new Dictionary<string, string>();
    }

    private set {
      _headers = value;
      // Invalidate the cached views derived from the previous header set.
      _headerValues.Clear();
      _headerParameters?.Clear();
      _headerParameters = null;
    }
  }

  public List<Header> HeaderParameters {
    get {
      // Build the HAR header list lazily; the cache is null until first use
      // and is reset to null whenever Headers is reassigned.
      if (_headerParameters == null && _headers != null)
      {
        List<Header> headers = new List<Header>(_headers.Keys.Count);

        foreach (var item in _headers) {
          headers.Add(new Header { Name = item.Key, Value = item.Value });
        }
        this._headerParameters = headers;
      }

      return this._headerParameters ?? new List<Header>();
    }
  }

  // ...

  public Request ToHarRequest() {
    return new Request() {
      // ...
      // Go through the property so the list is built (and never null) here.
      Headers = HeaderParameters.ToArray(),
      HeadersSize = -1,
      BodySize = -1
    };
  }
}
```
@ostridm ostridm added the Type: enhancement New feature or request. label Nov 14, 2022
@ostridm ostridm self-assigned this Nov 16, 2022